Microsoft steps up to take part in the war against cyber crimes

It looks as if Microsoft is ready to do its part to deter cyber crimes. Microsoft plans to offer real-time feeds that partners can use to analyze potential cyber threats and take the proper steps to boost their defenses against these attacks.

Microsoft has already had success in taking down botnets. By doing this, the company collects plenty of useful data about the threats these botnets pose. The procedure works like this: Microsoft basically swallows the botnets. This, in turn, sends botnet-infected hosts to addresses that are under Microsoft’s control. This captures the contaminated hosts and takes them offline. 

Microsoft can now gather threat information and share it with ISPs, government agencies, private companies, and CERTs. The outcome of such a move by Microsoft can be dramatic. Analysts say that while a real-time threat feed won’t lower the amount of attacks, it will help information security professionals react to these threats more quickly. This could limit the amount of damage brought on by these attacks.

Even more importantly than a decrease in damage, a live threat feed could mean that the IT security industry overall will begin to share more data.  It’s been a long-standing belief that sharing confirmed threat data could lead to copycat attacks. However, this isn’t a sound concern. Cyber criminals are already sharing information and ways to get around security systems. It only makes sense for the IT security industry to be sharing their expertise in how to battle these cyber criminals.

The IT industry has for too long viewed the sharing of the information of a cyber attack an invitation for a copycat attack. Hopefully Microsoft’s first small steps toward a much more connected IT security force will take root and that sharing data and information is a more sensible choice than secrecy.